Email Filtering and Encryption: Why Google’s Filtering Isn’t Enough

Businesses today simply cannot afford to skimp on email security. In fact, email has become the number one path that malicious attackers use to slip past your defenses and infiltrate your network. While Google G Suite offers good, basic security, it does not provide full protection against today’s quickly evolving email threats.

That’s where Symantec Email Security.cloud comes in. Symantec’s cloud-based email security solution provides the full range of protection your business needs to withstand known and emerging threats like business email compromise, ransomware and spear phishing.

 

Why Is Email Targeted?

Email has become the favored target of attacks for several reasons. First, it’s everywhere. These days, nearly every business, large or small, uses email for both external and internal communications.

This also means that email users vary a lot in their awareness of threats. Users who aren’t as aware of security risks may open attachments or click links that download malware or give hackers access to your network.

For instance, as Tripwire.com’s State of Security reports, in 2016 a police department in Dallas, Texas, was infected by ransomware through an email that came from an address that imitated a departmental email address. The ransomware encrypted police files, including documents, photographs and videos. It demanded $4,000 in Bitcoin to decrypt the files.

While the Texas police department chose not to pay the ransom, these attacks can also be very profitable. For instance, according to Symantec’s annual Internet Security Threat Report, in 2016 the average ransomware payout was more than $1,000.

One victim of an email-based ransomware attack that paid significantly more than that was the Hollywood Presbyterian Medical Center. In 2016, their network was infected by ransomware spread by spam phishing emails. Ultimately, the hospital paid a $17,000 ransom to get access to their data back.

Plus, emails themselves often contain sensitive and valuable information about a business. As a result, hackers can steal confidential data directly from the emails themselves, for later sale or other purposes.

Because email is such a tempting target for cybercriminals, it’s particularly important to ensure that your company or organization’s email is secure.

 

How Does Symantec Email Security.cloud Protect Against Threats?

Symantec’s email security solution provides a blanket of protection that addresses three major types of threats. First, Symantec defends against malware and spam using technology such as antivirus engines and reputation analysis to evaluate the links and attachments in emails.

To protect against phishing, Symantec checks links in emails before they’re even delivered, following them all the way to their final destination. This way, Symantec’s security can catch brand new phishing attacks, unlike less advanced security systems that can only detect already-known phishing links.

For additional defense against phishing, it also has the ability to identify and block emails that are designed to impersonate actual users or domains belonging to your organization. This could have prevented the ransomware attack against the police department in Dallas.

Finally, Symantec Email Security.cloud also protects against emerging threats—new and targeted attacks that may be designed to evade less sophisticated email security products.

For instance, today some malware is written so that it won’t execute unless it’s on a physical server and detects what appears to be human interaction. When Symantec detects an unknown file, the file gets “sandboxed”—isolated and sent to a physical server that mimics human behavior to see whether it’s actually a threat.

The email threat isolation capabilities offered by Symantec cannot be matched by any other email security solution available today. Suspicious links and websites are made harmless by either preventing the user from accessing them or rendering them in read-only mode so that the user literally cannot enter the sensitive information that the phishing attack is trying to capture—such as passwords.

Advanced machine learning, network traffic analysis, and behavior analysis are also used to analyze code, detect hidden threats, and find new and hidden ransomware that may be lurking inside seemingly harmless attachments.

 

Symantec Email Security.cloud Leads the Way

So how well does Symantec do in actual testing? In 2017, Symantec conducted internal testing of four email security solutions: Symantec, Proofpoint, Mimecast, and Office 365. They sent almost two thousand emails, including both clean emails and those containing malware and phishing attacks.

Symantec easily beat all of the competition. Symantec caught 98.77% of all the malicious email, with zero false positives. By comparison, the second-best security solution was Office 365, which caught only 88.11% of the malicious emails and had 0.06% false positives.

For instance, Symantec’s current Service Level Target for Antispam Efficacy is “Over 99%.” Every month, they report whether this target has been achieved. In June 2018, their actual Antispam Efficacy was 99.999986%!

 

Conclusion

Malicious attacks via email continue to rise, with new threats developing every day. Symantec’s Email Security.cloud can shield your company against both known and emerging threats. And thanks to its education and assessment components, it can even help to train your employees to guard against threats too.